W3C home > Mailing lists > Public > public-wsc-wg@w3.org > June 2008

Agenda: WSC WG distributed meeting, Wednesday, 2008-06-11

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Tue, 10 Jun 2008 09:22:11 -0400
To: public-wsc-wg@w3.org
Message-ID: <OF6A342098.BCB0A091-ON85257460.0041D8CC-85257464.004970D9@LocalDomain>
       Web Security Context (WSC) Call Agenda

Calling information:
Wednesday, 11 June 2008
11:00 am - 12:30 pm Eastern time


1) Pick a scribe

2) Approve minutes from meetings
Not available at the time of writing 

3) Weekly completed action items
(Usually checkpointed Friday am, US East Coast time) 
[pending review] ACTION-434: Anil Saldhana to Add robustness-obscuring 
xrefs to identity signal and TLS signal - due 2008-05-31
[pending review] ACTION-453: Yngve Pettersen to Provide initial draft of 
security considerations for EV mixed with DV case - due 2008-05-30

4) Open Action Items

5) Action items closed due to inactivity 

6) Agenda bashing 

7) Conforming Implementations
Needed for CR exit. 
We'll need at least two conforming implementations to test against. We're 
currently targeting (at least) Opera and Firefox. 
Discuss Firefox this week. Johnthan is this discussion; he is welcome to 
What version of Firefox will we test? 
What can we expect in terms of MUSTs, SHOULDs, etc. 
Will we have gaps? 
We'll walk through the spec, logging which RFC 2119 statements Firefox 
expects to cover, and which not. 

8) Next meeting - 18 June 2008

We need to wrap up actions and issues so we can go to last call. 
All issues besides 188 and 199 will be closed when their associated 
actions are closed. 
We'll do the final cleanup on 188 and 199 at that time. 

Finish up going over Opera 9.50 as a conforming implementation to test 
Yngve, Jan Vidar, and Claudio will be required. Perhaps next week? 

What else beyond June?
What, if anything, other than taking wsc-xit through LC to CR entry to CR 
exit (to recommendation) would we like to do after June? What would we be 
capable of doing? What should we, or someone like us, do? 
Some ideas: 
o Authoring best practices for (usably) secured sites. Some of the things 
we've wanted to recommend haven't been obviously in the scope of enabling 
security context information for user trust decisions. Should we ask for a 
charter clarification/change or new WG to do this? 
o Dealing with mixed content (there's some feeling that there might be 
more to do here). 
o Providing guidance or expertise to other standards efforts that touch on 
usable security. Can we provide guidance on how to deal with user 
expectations and implications when protocol security is 
designed/standardized? To do? Not to do? 
Received on Tuesday, 10 June 2008 13:22:50 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:21 UTC